CVE-2025-30379
HIGHDescription
Release of invalid pointer or reference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Is your site exposed to CVE-2025-30379?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| microsoft | 365_apps |
| microsoft | excel |
| microsoft | office |
| microsoft | office_long_term_servicing_channel |
| microsoft | office_long_term_servicing_channel |
| microsoft | office_long_term_servicing_channel |
| microsoft | office_long_term_servicing_channel |
| microsoft | office_online_server |
References
Advisories & Patches
Frequently Asked Questions
What is CVE-2025-30379? +
How severe is CVE-2025-30379? +
What products are affected by CVE-2025-30379? +
How do I check if I'm vulnerable to CVE-2025-30379? +
Related Vulnerabilities
A security issue exists due to improper handling of malformed CIP packets during fuzzing. The controller enters a hard fault …
In the Linux kernel, the following vulnerability has been resolved: tipc: fix double-free in tipc_buf_append() tipc_msg_validate() can potentially reallocate the …
Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble was discovered to contain a segmentation violation via the component theta_star::ThetaStar::isUnsafeToPlan().
An arbitrary free vulnerability exists in the cv_close functionality of Dell ControlVault3 prior to 5.15.10.14 and Dell ControlVault3 Plus prior …
It was possible to prevent a user from exiting pointerlock when pressing escape and to overlay customValidity notifications from a …
Memory corruption while reading ACPI config through the user mode app.